summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNicolas Riebesel <nicolas.riebesel@gmx.com>2021-09-23 01:28:22 +0200
committerKim Hagen <kim@sentrium.io>2021-10-07 09:50:34 -0500
commit2acfffab8b98238e7d869673a858a4ae21651f0b (patch)
tree7fe0eac36337835e0c6f6a2a7fa2360c440f053d
parentc567b43807faa09e3bee748d06d31619f5e97aa9 (diff)
downloadvyos-1x-2acfffab8b98238e7d869673a858a4ae21651f0b.tar.gz
vyos-1x-2acfffab8b98238e7d869673a858a4ae21651f0b.zip
openvpn: T3642: Fix password_protected check
-rwxr-xr-xsrc/conf_mode/interfaces-openvpn.py2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py
index ed4a6f77d..4bd0b22a9 100755
--- a/src/conf_mode/interfaces-openvpn.py
+++ b/src/conf_mode/interfaces-openvpn.py
@@ -154,7 +154,7 @@ def verify_pki(openvpn):
if tls['certificate'] not in pki['certificate']:
raise ConfigError(f'Invalid certificate on openvpn interface {interface}')
- if dict_search_args(pki, 'certificate', tls['certificate'], 'private', 'password_protected'):
+ if dict_search_args(pki, 'certificate', tls['certificate'], 'private', 'password_protected') is not None:
raise ConfigError(f'Cannot use encrypted private key on openvpn interface {interface}')
if mode == 'server' and 'dh_params' not in tls and not is_ec_private_key(pki, tls['certificate']):